[Bug 1847822] Re: CephFS authorize fails with unknown cap type

Billy Olsen billy.olsen at canonical.com
Mon Oct 14 02:39:32 UTC 2019 

** Patch added: "bionic patch"
   https://bugs.launchpad.net/cloud-archive/+bug/1847822/+attachment/5296864/+files/dont-validate-fs-caps-on-authorize.patch

** Description changed:

+ [Impact]
+ 
  Attempting to provide access to a user within Ceph to a specific mount
  path fails with unknown cap type. This appears to be due to the monitor
  not knowing how to validate the caps that are provided with the mount
  path per upstream bug https://tracker.ceph.com/issues/39395 and
  subsequent pull requests.
  
  This is fixed in Mimic (13.1.0+) and included in the current Luminous
  devel release (upcoming 12.2.13).
  
+ 
+ [Test Case]
  
  Steps to recreate:
  
  1. Install ceph w/ ceph-fs.
  
  2. Mount ceph filesystem and create subdirectory for restricting access
  $ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
  $ mkdir /mnt/ceph-fs/bar
  
  3. Authorize access for ceph user to rw a directory
  $ ceph fs authorize ceph-fs client.foo /bar rw
  
  Expected Results:
  
  The authorize command to succeed
  
  Actual Results:
  
  Error EINVAL: unknown cap type '/bar'
  
- Upstream pull-request:
- https://github.com/ceph/ceph/pull/28666
+ [Regression Potential]
+ 
+ Regression potential is low as this has already been fixed upstream and
+ has seen additional testing without additional problem reports from the
+ change. The change does affect the validation of capabilities, so if a
+ problem were to arise it would likely be in the verification of
+ capabilities when the code is parsing.
+ 
+ [Other Info]
+ 
+ Upstream pull-request: https://github.com/ceph/ceph/pull/28666

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847822

Title:
  CephFS authorize fails with unknown cap type

Status in Ubuntu Cloud Archive:
  Triaged
Status in Ubuntu Cloud Archive queens series:
  Triaged
Status in ceph package in Ubuntu:
  Triaged

Bug description:
  [Impact]

  Attempting to provide access to a user within Ceph to a specific mount
  path fails with unknown cap type. This appears to be due to the
  monitor not knowing how to validate the caps that are provided with
  the mount path per upstream bug https://tracker.ceph.com/issues/39395
  and subsequent pull requests.

  This is fixed in Mimic (13.1.0+) and included in the current Luminous
  devel release (upcoming 12.2.13).

  
  [Test Case]

  Steps to recreate:

  1. Install ceph w/ ceph-fs.

  2. Mount ceph filesystem and create subdirectory for restricting access
  $ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
  $ mkdir /mnt/ceph-fs/bar

  3. Authorize access for ceph user to rw a directory
  $ ceph fs authorize ceph-fs client.foo /bar rw

  Expected Results:

  The authorize command to succeed

  Actual Results:

  Error EINVAL: unknown cap type '/bar'

  [Regression Potential]

  Regression potential is low as this has already been fixed upstream
  and has seen additional testing without additional problem reports
  from the change. The change does affect the validation of
  capabilities, so if a problem were to arise it would likely be in the
  verification of capabilities when the code is parsing.

  [Other Info]

  Upstream pull-request: https://github.com/ceph/ceph/pull/28666

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847822/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list